mirror of https://github.com/nextcloud/server.git
fix: treat text app session parameters as sensitive values
* `PublicSessionController create` receives a share token. * The others receive the parameters for a text session: `document_id`, `session_id`, `session_token`. Even though these are relatively short lived they could be used to retrieve content from the document when leaked. Signed-off-by: Max <max@nextcloud.com>pull/36936/head
parent
416efc12d6
commit
95a674e238
Loading…
Reference in New Issue